For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Bulk Nat Creation

Problem this snippet solves:

Summary: This iControl script will bulk create NATs based on the contents of an input file.

This iControl script will read the contents of an input file containing nat origin:destination pairs and bulk create NATs based on those values.

How to use this snippet:

Syntax

NAT.pl bigip port username password create input_filename

NAT.pl bigip port username password delete_all

Input File: NAT.txt

1.1.1.1,2.2.2.1

1.1.1.2,2.2.2.2

1.1.1.3,2.2.2.3

1.1.1.4,2.2.2.4

1.1.1.5,2.2.2.5

iControl Script NAT.pl

Code :

#!/usr/bin/perl

#use SOAP::Lite + trace => qw(method debug);
use SOAP::Lite;
use MIME::Base64;
use Benchmark;
BEGIN { push (@INC, ".."); }
use iControlTypeCast;

#----------------------------------------------------------------------------
# Validate Arguments
#----------------------------------------------------------------------------
my $sHost = $ARGV[0];
my $sPort = $ARGV[1];
my $sUID = $ARGV[2];
my $sPWD = $ARGV[3];
my $sCommand = $ARGV[4];
my $sArg1 = $ARGV[5];
my $sArg2 = $ARGV[6];
my $sProtocol = "https";

if ( ("80" eq $sPort) or ("8080" eq $sPort) )
{
  $sProtocol = "http";
}

if ( ($sHost eq "") or ($sPort eq "") or ($sUID eq "") or ($sPWD eq "") )
{
  &usage();
}

sub usage()
{
  my ($sCmd) = @_;
  print "Usage: i_Nat_v3.pl host port uid pwd command [options]\n";
  print "    -----------------------------------------------------------\n";

  if ( ($sCmd eq "") or ($sCmd eq "delete_all") )
  {
    print "    delete_all          - Deletes all NATs\n";
  }
  if ( ($sCmd eq "") or ($sCmd eq "create") )
  {
    print "    create  File Name     - create NATs that in a file\n";
  }
  exit();
}

#----------------------------------------------------------------------------
# Transport Information
#----------------------------------------------------------------------------
sub SOAP::Transport::HTTP::Client::get_basic_credentials-->
{
  return "$sUID" => "$sPWD";
}

$NAT = SOAP::Lite
  -> uri('urn
  -> proxy("$sProtocol://$sHost:$sPort/iControl/iControlPortal.cgi");
eval { $NAT->transport->http_request->header
(
  'Authorization' => 
    'Basic ' . MIME::Base64::encode("$sUID:$sPWD", '')-->
); };

if ( $sCommand eq "delete_all" )
{
  &delete_nat();
}
elsif ( $sCommand eq "create" )
{
  &create_NAT();
}
else
{
  &usage();
}

#----------------------------------------------------------------------------
# checkResponse
#----------------------------------------------------------------------------
sub checkResponse()
{
my ($soapResponse) = (@_);
if ( $soapResponse->fault )
{
print $soapResponse->faultcode, " ", $soapResponse->faultstring, "\n";
exit();
}
}

#----------------------------------------------------------------------------
# delete_all
#----------------------------------------------------------------------------
sub delete_nat()
{
  $soapResponse = $NAT->delete_all_nats();
}


#----------------------------------------------------------------------------
# create
#----------------------------------------------------------------------------
sub create_NAT() 
{ 
 #Read a file and print out the input 
 #$FILE is the input file name 
 ($FILE) = $sArg1; 
 #$FP is a file point to the file provide in the command line 
 $ST = 1; 
 $VNAME = ""; 
 $VLN = { state => $ST, vlans => $VNAME }; 
 push @VLNSTRUCT, $VLN; 
 $UNITID = 1; 
 $CNT = 1; 
 open(FP, $FILE) || die "Cannot open file $FILE:\n"; 
 $STIME = new Benchmark; 
  
 $NUM_IN_BATCH = 50; 
 $cur_count = 0; 
  
 while () 
 { 
  /,/; 
  $ORGIP = $`; 
  chomp ($ORGIP); 
  $NATIP = $'; 
  chomp ($NATIP); 
  #print "$ORGIP $NATIP\n"; 
  $IPSTRUC = { translation_address => $NATIP, original_address => $ORGIP }; 
  
  push @NATDEFLISTS, $IPSTRUC; 
  push @UNITIDLISTS, $UNITID; 
  push @VLANSLISTS, $VLN; 
  
  $cur_count++; 
  if ( $cur_count >= $NUM_IN_BATCH ) 
  { 
   $soapResponse = $NAT->create 
     ( 
        SOAP::Data->name ( nat_definitions => [@NATDEFLISTS] ), 
        SOAP::Data->name ( unit_ids => ( [@UNITIDLISTS] ) ), 
        SOAP::Data->name ( vlans => [@VLANSLISTS] ) 
     ); 
   &checkResponse($soapResponse); 
   
   splice(@NATDEFLISTS); 
   splice(@UNITIDLISTS); 
   splice(@VLANSLISTS); 
   
   $cur_count = 0; 
  } 
 } 
  
 if ($cur_count > 0) 
 { 
  $soapResponse = $NAT->create 
    ( 
       SOAP::Data->name ( nat_definitions => [@NATDEFLISTS] ), 
       SOAP::Data->name ( unit_ids => ( [@UNITIDLISTS] ) ), 
       SOAP::Data->name ( vlans => [@VLANSLISTS] ) 
    ); 
  &checkResponse($soapResponse); 
 } 
  
  $ETIME = new Benchmark; 
  print "Took ", timestr(timediff($ETIME, $STIME)); 
  close FP; 
}
Updated Jun 06, 2023
Version 2.0
devops
iControl
perl
No CommentsBe the first to comment